Any website that offers some form of interactivity whereby user input can make its way to be published is a potential victim for spammers - people who want to promote a product or service, but without offering anything of value in return.
Often, those websites that are more visible in search engines are bigger, juicier targets because:
- They’re easier for spammers to find - try searching for a term such as “Leave a Comment”
- Better search engine visibility means a potentially bigger reward for the successful spammer as their advert/link will be seen by more people and may provide them with more link popularity.
For blogs, such as this one, the spammers usually target the comments system. For WordPress, there are many possible solutions to help prevent spam from being published. Some are built-in as standard, whilst others can be plugged in.
For those with more access to their hosting, it’s also possible to block specific IP addresses; a useful tactic if you’re receiving a lot of automated spam from a webserver. Blocking IP addresses that belong to ISPs can be less effective due to their dynamic nature i.e. every time a spammer reconnects to the Internet they’re assigned a new IP address.
Brian from Platinax has some advice on IP blocking using htaccess.
One of the ways in which I block IPs across an entire server is to add them to the firewall rules. If you’re using the likes of APF and you’ve got access to its policy rules then you can set up a server-wide block of an IP address by adding it to
/etc/apf/deny_hosts.rules
You’ll then need to restart APF by typing at the comman line
service apf restart
A very useful tip if you want to block access to all your websites on a server. 
Leave a reply